CVE-2022-45444
EUVD-2022-4831318.01.2023, 01:15
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 contains hard-coded passwords for select users in the application’s database. This could allow a remote attacker to login to the database with unrestricted access.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| sewio | real-time_location_system_studio | 2.0.0 ≤ 𝑥 ≤ 2.6.2 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-259 - Use of Hard-coded PasswordThe software contains a hard-coded password, which it uses for its own inbound authentication or for outbound communication to external components.
- CWE-798 - Use of Hard-coded CredentialsThe software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.